Review of the Qualys study ‘Cyber Risks 2025’ – When technology meets business



July 18, 2025



Cyber Security

Cyber security is on the agenda for 2025 – and pretty high up there. Budgets are increasing, and the topic has reached the boardroom.

But the new Cyber Risk Report from Qualys and Dark Reading reveals an uncomfortable truth: lots of money, little impact. That’s because the crucial factor is often missing – the business context.

The figures speak for themselves: although almost half of the companies surveyed have established a formal risk programme, only 30 per cent align their priorities with specific business objectives. Even more serious: just 14% link cyber risk reports to financial metrics. The result? Security measures fizzle out, ROI fails to materialise – and the risk continues to grow.

The causes are complex. There is, for example, a notorious lack of asset intelligence: only 13% of companies know at any given time what they actually need to protect. The rest rely on Excel and manual effort. Communication is also lacking: finance teams are often left out of the loop, reports are overly technical and fail to reach the actual decision-makers.

But executives don’t want to see CVSS scores anymore; they want answers to key questions: What will an attack cost us? Which risks are truly critical? And where should we start?

This is exactly where Qualys’ Risk Operations Centre (ROC) comes in – a new model that not only identifies cyber risks, but also translates them into relevant business metrics. With the Enterprise TruRisk Management (ETM) concept, technical details are converted into decisions that make strategic sense. It’s a kind of business GPS for risk management.

Conclusion: The study clearly shows that cybersecurity must make the leap from the technology basement to the business penthouse. If you want to protect your company effectively, you need context – not just tools. The ROC model offers a structured response to an increasingly complex problem.

👉 The full report is available for download here: Transform Cybersecurity from a Cost Centre to a Business Driver | Qualys, Inc. https://www.qualys.com/forms/whitepapers/state-of-cyber-risk-report-and-roc-promotion/

Mobile video towers: Opportunities, challenges and future prospects

Oct 13, 2025

A growth market in transition At Security Expo 2025 in Berlin, the focus was on a topic that is becoming increasingly important not only for security service providers, but also for construction companies, industrial enterprises and operators of critical...

Results of the OFFICE ROXX reader survey ‘Great Office Climate 2025’

Oct 13, 2025

For the fifth time, readers of the OFFICE ROXX blog were surveyed on the topic of indoor climate in the office. Well over 600 office workers took part in this year's survey on behalf of the PrimaBüroKlima initiative. The results show that there has been some progress...

‘Great Office Climate 2025’ – Between desert winds and cooling chambers

Oct 13, 2025

A satirical look at the OFFICE-ROXX survey by Maria Lehmen The fifth edition of the ‘Great Office Climate’ survey shows that the average office climate in Germany remains a fragile balance between electric blankets and fans. Although there has been slight progress –...

July 18, 2025

Cyber Security

Cyber security is on the agenda for 2025 – and pretty high up there. Budgets are increasing, and the topic has reached the boardroom.

Related Articles

Mobile video towers: Opportunities, challenges and future prospects

Results of the OFFICE ROXX reader survey ‘Great Office Climate 2025’

‘Great Office Climate 2025’ – Between desert winds and cooling chambers

Sitemap

Information

Newsletter Sign Up

Thank you!